In the Claims: 



Please 




Claims 1, 5, 9 and 15. 



1. 



(Currently aniended) An information security system comprising: 




a plurality of 
including at least one of the 



trusted authorities configurable in a rooted hierarchical structure 
1 rusted authorities being a superior authority and at least one of the 



trusted authorities being a subprdinate [authorities] authority ; and 

the superior j^uthority operative to generate inter trusted authority trust 
modification data to dynami^Uy vary validation starting authorities among the subordinate 
authorities. 

2. (Original) Tftie system of claim 1 wherein at least one of the subordinate 
authorities includes a certificate issuer operatively responsive to the inter trusted authority 
modification data for issuing qertificates for at least one subscriber based on the inter trusted 
authority modification data. 

3. (Original) Thb system of claim 1 wherein at least one of the subordinate"" 
authorities includes a subscriber trust anchor specifier, operatively responsive to the inter trusted 
authority modification data, tha| generates trust anchor modification data for a plurality of 
subscribers. 

4. (Original) The Isystem of claim 3 wherein the trust anchor modification data 
includes subordinate trust anchor qata representing at least one trust anchor different from a local 
trust authority. 

5. (Currently amended) The system of claim 1 wherein the superior authority 
includes a trust anchor modificat on data certificate issuer that provides [the] trust anchor 
modification data as a signed data structure for the subordinate authorities. 
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6. (Original) The system of claim 1 wherein the trust anchor modification data 
includes data representing at least one of: scope of certification data, subordinate authority cross- 
certification allowance data, subordinate authority certification rule data, subordinate authority 
password rule data, ^ubscriber trust anchor rule data and subscriber password rule data, 
certificate expiry policy, subscriber algorithm policy, and policy control message data. 

7. (Original) The system of claim 1 wherein one of the trusted authorities is a 
root authority. I 

8. (Original) The system of claim 1 including subordinate authority memory 
containing data represenlting validation starting authority data, wherein the data is stored in 
response to receiving the inter trusted authority trust modification data. 

9. (Currently miended) An information security system comprising: 

a plurality of trusted authorities configurable in a rooted hierarchical structure 
including at least one of the trusted authorities being a superior authority and at least one of the 
trusted authorities being a subordinate [authorities] authority ; 

the superior authority operative to generate policy control message data to 
dynamically vary policy control data to facilitate trust authority policy delegation among the 
subordinate authorities wherein the policy control data includes inter trusted authority trust 
modification data to dynamically vary validation starting authorities among the subordinate 
authorities; and ^ 1 

wherein at least 6ne of the subordinate authorities includes a certificate issuer 
operatively responsive to the inter trusted authority modification data for issuing certificates for 
at least one subscriber based on the inter trusted authority modification data and fiirther includes 
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a subscriber trust anchor specifier, operatively responsive to the inter trusted authority 
modification data, that generates trust anchor modification data for a plurality of subscribers. 

10. (Original) The system of claim 9 wherein the trust anchor modification data 
includes subordinate trust anchor data representing at least one trust anchor different from a local 
trust authority. \ 

11. (Originalb The system of claim 10 wherein the superior authority includes a 
trust anchor modification data certificate issuer that provides the trust anchor modification data 
as a signed data structure for the subordinate authorities. 

12. (Original)! The system of claim 9 wherein the trust anchor modification data 
includes data representing at least one of: scope of certification data, subordinate authority cross- 
certification allowance daia, subordinate authority certification rule data, subordinate authority 
password rule data, subscriber trust anchor rule data and subscriber password rule data, 
certificate expiry policy, supscriber algorithm policy, and policy control message data. 

13. (Original) I The system of claim 12 wherein one of the trusted authorities is a 
root authority. \ 

14. (Original) I The system of claim 13 including subordinate authority memory 
containing data representing Ivalidation starting authority data, wherein the data is stored in 
response to receiving the inter ttrusted authority trust modification data. 

15. (Currently ameiMed) A method for providing information security comprising: 
providing a plumlity of trusted authorities configurable in a rooted hierarchical 

structure including at least one pf the trusted authorities being a superior authority and at least 
one of the trusted authorities being a subordinate [authorities] authority ; and 



CHICAGO/# 1088627.1 



8 



] 



gendrating inter trusted authority trust modification data to dynamically vary 
validation starting authorities among the subordinate authorities. 

16. (Origmal) The method of claim 15 including issuing certificates for at least 
one subscriber based An the inter trusted authority modification data. 

17. (Origin il) The method of claim 15 including generating trust anchor 



modification data for 



a plurality of subscribers. 
18. (Origin il) The method of claim 1 7 wherein the trust anchor modification data 
includes subordinate t ust anchor data representing at least one trust anchor different fi:om a local 



trust authority. 

19. (Original) The method of claim 15 including the step of providing the trust 
anchor modification pata as a signed data structure for the subordinate authorities. 

20. (Orij inal) The method of claim 15 v^herein the trust anchor modification data 
includes data repres enting at least one of: scope of certification data, subordinate authority cross- 
certification allow£ nee data, subordinate authority certification rule data, subordinate authority 

i, subscriber trust anchor rule data and subscriber passv^ord rule data, 
icy, subscriber algorithm policy, and policy control message data. 
>inal) The method of claim 15 including the step of storing data 
representing validai ion starting authority data, in response to receiving the inter trusted authority 
trust modification d ita. 

V 



password rule data, 
certificate expiry po 
21. (Ori 
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